packer and kubernetes changes

kubectl/templates/cm-and-secrets/nginx-http-cm.yml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-http-cm
+data:
+  # key: value
+  # file: |
+  #   content
+  # ---
+  nginx.conf: |
+    user nginx;
+    worker_processes 1;
+    events {
+      worker_connections  10240;
+    }
+    http {
+      server {
+        listen       80;
+        server_name  _;
+        location / {
+          root   /usr/share/nginx/html;
+          index  index.html index.htm;
+        }
+        location /test {
+          return 401;
+        }
+      }
+    }

kubectl/templates/cm-and-secrets/nginx-http-deploy.yml

@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-http
+spec:
+  replicas: 1
+  selector:
+    matchLabels: 
+      app: nginx-http
+  template:
+    metadata:
+      labels:
+        app: nginx-http
+    spec:
+      containers:
+      - name: nginx-http
+        image: nginx
+        ports:
+        - name: web
+          containerPort: 80
+        volumeMounts:
+        - name: nginx-http-cm
+          mountPath: /etc/nginx
+        - name: nginx-http-vol
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: nginx-http-cm
+        configMap:
+          name: nginx-http-cm
+      - name: nginx-http-vol
+        hostPath:
+          path: /var/nginxserver

kubectl/templates/cm-and-secrets/nginx-http-svc.yml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-http-svc
+  labels:
+    app: nginx-http
+spec:
+  type: LoadBalancer
+  ports:
+  - port: 30080
+    targetPort: 80
+    protocol: TCP
+    name: http
+  selector:
+    app: nginx-http

packer/proxmox/credentials.pkr.hcl

@@ -0,0 +1,3 @@
+proxmox_api_url = "https://0.0.0.0:8006/api2/json"  # Your Proxmox IP Address
+proxmox_api_token_id = "terraform@pam!terraform"  # API Token ID
+proxmox_api_token_secret = "your-api-token-secret"

packer/proxmox/ubuntu-server-focal-docker/files/99-pve.cfg

@@ -0,0 +1 @@
+datasource_list: [ConfigDrive, NoCloud]

packer/proxmox/ubuntu-server-focal-docker/http/user-data

@@ -0,0 +1,33 @@
+#cloud-config
+autoinstall:
+  version: 1
+  locale: en_US
+  keyboard:
+    layout: de
+  ssh:
+    install-server: true
+    allow-pw: true
+    disable_root: true
+    ssh_quiet_keygen: true
+    allow_public_ssh_keys: true
+  packages:
+    - qemu-guest-agent
+    - sudo
+  storage:
+    layout:
+      name: direct
+    swap:
+      size: 0
+  user-data:
+    package_upgrade: false
+    timezone: Europe/Berlin
+    users:
+      - name: your-user-name
+        groups: [adm, sudo]
+        lock-passwd: false
+        sudo: ALL=(ALL) NOPASSWD:ALL
+        shell: /bin/bash
+        # passwd: your-password
+        # - or -
+        # ssh_authorized_keys:
+        #   - your-ssh-key

packer/proxmox/ubuntu-server-focal-docker/ubuntu-server-focal-docker.pkr.hcl

@@ -0,0 +1,148 @@
+# Ubuntu Server Focal Docker
+# ---
+# Packer Template to create an Ubuntu Server (Focal) with Docker on Proxmox
+
+# Variable Definitions
+variable "proxmox_api_url" {
+    type = string
+}
+
+variable "proxmox_api_token_id" {
+    type = string
+}
+
+variable "proxmox_api_token_secret" {
+    type = string
+    sensitive = true
+}
+
+# Resource Definiation for the VM Template
+source "proxmox" "ubuntu-server-focal-docker" {
+ 
+    # Proxmox Connection Settings
+    proxmox_url = "${var.proxmox_api_url}"
+    username = "${var.proxmox_api_token_id}"
+    token = "${var.proxmox_api_token_secret}"
+    # (Optional) Skip TLS Verification
+    # insecure_skip_tls_verify = true
+    
+    # VM General Settings
+    node = "your-proxmox-node"
+    vm_id = "100"
+    vm_name = "ubuntu-server-focal-docker"
+    template_description = "Ubuntu Server Focal Image with Docker pre-installed"
+
+    # VM OS Settings
+    # (Option 1) Local ISO File
+    # iso_file = "local:iso/ubuntu-20.04.2-live-server-amd64.iso"
+    # - or -
+    # (Option 2) Download ISO
+    # iso_url = "https://releases.ubuntu.com/20.04/ubuntu-20.04.3-live-server-amd64.iso"
+    # iso_checksum = "f8e3086f3cea0fb3fefb29937ab5ed9d19e767079633960ccb50e76153effc98"
+    iso_storage_pool = "local"
+    unmount_iso = true
+
+    # VM System Settings
+    qemu_agent = true
+
+    # VM Hard Disk Settings
+    scsi_controller = "virtio-scsi-pci"
+
+    disks {
+        disk_size = "20G"
+        format = "qcow2"
+        storage_pool = "local-lvm"
+        storage_pool_type = "lvm"
+        type = "sata"
+    }
+
+    # VM CPU Settings
+    cores = "1"
+    
+    # VM Memory Settings
+    memory = "2048" 
+
+    # VM Network Settings
+    network_adapters {
+        model = "virtio"
+        bridge = "vmbr0"
+        firewall = "false"
+    } 
+
+    # VM Cloud-Init Settings
+    cloud_init = true
+    cloud_init_storage_pool = "local-lvm"
+
+    # PACKER Boot Commands
+    boot_command = [
+        "<esc><wait><esc><wait>",
+        "<f6><wait><esc><wait>",
+        "<bs><bs><bs><bs><bs>",
+        "autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ ",
+        "--- <enter>"
+    ]
+    boot = "c"
+    boot_wait = "5s"
+
+    # PACKER Autoinstall Settings
+    http_directory = "http" 
+    # (Optional) Bind IP Address and Port
+    # http_bind_address = "0.0.0.0"
+    # http_port_min = 8802
+    # http_port_max = 8802
+
+    ssh_username = "your-user-name"
+
+    # (Option 1) Add your Password here
+    # ssh_password = "your-password"
+    # - or -
+    # (Option 2) Add your Private SSH KEY file here
+    # ssh_private_key_file = "~/.ssh/id_rsa"
+
+    # Raise the timeout, when installation takes longer
+    ssh_timeout = "20m"
+}
+
+# Build Definition to create the VM Template
+build {
+
+    name = "ubuntu-server-focal-docker"
+    sources = ["source.proxmox.ubuntu-server-focal-docker"]
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #1
+    provisioner "shell" {
+        inline = [
+            "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
+            "sudo rm /etc/ssh/ssh_host_*",
+            "sudo truncate -s 0 /etc/machine-id",
+            "sudo apt -y autoremove --purge",
+            "sudo apt -y clean",
+            "sudo apt -y autoclean",
+            "sudo cloud-init clean",
+            "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg",
+            "sudo sync"
+        ]
+    }
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #2
+    provisioner "file" {
+        source = "files/99-pve.cfg"
+        destination = "/tmp/99-pve.cfg"
+    }
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #3
+    provisioner "shell" {
+        inline = [ "sudo cp /tmp/99-pve.cfg /etc/cloud/cloud.cfg.d/99-pve.cfg" ]
+    }
+
+    # Provisioning the VM Template with Docker Installation #4
+    provisioner "shell" {
+        inline = [
+            "sudo apt-get install -y ca-certificates curl gnupg lsb-release",
+            "curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg",
+            "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null",
+            "sudo apt-get -y update",
+            "sudo apt-get install -y docker-ce docker-ce-cli containerd.io"
+        ]
+    }
+}

packer/proxmox/ubuntu-server-focal/files/99-pve.cfg

@@ -0,0 +1 @@
+datasource_list: [ConfigDrive, NoCloud]

packer/proxmox/ubuntu-server-focal/http/user-data

@@ -0,0 +1,33 @@
+#cloud-config
+autoinstall:
+  version: 1
+  locale: en_US
+  keyboard:
+    layout: de
+  ssh:
+    install-server: true
+    allow-pw: true
+    disable_root: true
+    ssh_quiet_keygen: true
+    allow_public_ssh_keys: true
+  packages:
+    - qemu-guest-agent
+    - sudo
+  storage:
+    layout:
+      name: direct
+    swap:
+      size: 0
+  user-data:
+    package_upgrade: false
+    timezone: Europe/Berlin
+    users:
+      - name: your-user-name
+        groups: [adm, sudo]
+        lock-passwd: false
+        sudo: ALL=(ALL) NOPASSWD:ALL
+        shell: /bin/bash
+        # passwd: your-password
+        # - or -
+        # ssh_authorized_keys:
+        #   - your-ssh-key

packer/proxmox/ubuntu-server-focal/ubuntu-server-focal.pkr.hcl

@@ -0,0 +1,140 @@
+# Ubuntu Server Focal
+# ---
+# Packer Template to create an Ubuntu Server (Focal) on Proxmox
+
+# Variable Definitions
+variable "proxmox_api_url" {
+    type = string
+}
+
+variable "proxmox_api_token_id" {
+    type = string
+}
+
+variable "proxmox_api_token_secret" {
+    type = string
+    sensitive = true
+}
+
+# Resource Definiation for the VM Template
+source "proxmox" "ubuntu-server-focal" {
+ 
+    # Proxmox Connection Settings
+    proxmox_url = "${var.proxmox_api_url}"
+    username = "${var.proxmox_api_token_id}"
+    token = "${var.proxmox_api_token_secret}"
+    # (Optional) Skip TLS Verification
+    # insecure_skip_tls_verify = true
+    
+    # VM General Settings
+    node = "your-proxmox-node"
+    vm_id = "100"
+    vm_name = "ubuntu-server-focal"
+    template_description = "Ubuntu Server Focal Image"
+
+    # VM OS Settings
+    # (Option 1) Local ISO File
+    # iso_file = "local:iso/ubuntu-20.04.2-live-server-amd64.iso"
+    # - or -
+    # (Option 2) Download ISO
+    # iso_url = "https://releases.ubuntu.com/20.04/ubuntu-20.04.3-live-server-amd64.iso"
+    # iso_checksum = "f8e3086f3cea0fb3fefb29937ab5ed9d19e767079633960ccb50e76153effc98"
+    iso_storage_pool = "local"
+    unmount_iso = true
+
+    # VM System Settings
+    qemu_agent = true
+
+    # VM Hard Disk Settings
+    scsi_controller = "virtio-scsi-pci"
+
+    disks {
+        disk_size = "20G"
+        format = "qcow2"
+        storage_pool = "local-lvm"
+        storage_pool_type = "lvm"
+        type = "sata"
+    }
+
+    # VM CPU Settings
+    cores = "1"
+    
+    # VM Memory Settings
+    memory = "2048" 
+
+    # VM Network Settings
+    network_adapters {
+        model = "virtio"
+        bridge = "vmbr0"
+        firewall = "false"
+    } 
+
+    # VM Cloud-Init Settings
+    cloud_init = true
+    cloud_init_storage_pool = "local-lvm"
+
+    # PACKER Boot Commands
+    boot_command = [
+        "<esc><wait><esc><wait>",
+        "<f6><wait><esc><wait>",
+        "<bs><bs><bs><bs><bs>",
+        "autoinstall ds=nocloud-net;s=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ ",
+        "--- <enter>"
+    ]
+    boot = "c"
+    boot_wait = "5s"
+
+    # PACKER Autoinstall Settings
+    http_directory = "http" 
+    # (Optional) Bind IP Address and Port
+    # http_bind_address = "0.0.0.0"
+    # http_port_min = 8802
+    # http_port_max = 8802
+
+    ssh_username = "your-user-name"
+
+    # (Option 1) Add your Password here
+    # ssh_password = "your-password"
+    # - or -
+    # (Option 2) Add your Private SSH KEY file here
+    # ssh_private_key_file = "~/.ssh/id_rsa"
+
+    # Raise the timeout, when installation takes longer
+    ssh_timeout = "20m"
+}
+
+# Build Definition to create the VM Template
+build {
+
+    name = "ubuntu-server-focal"
+    sources = ["source.proxmox.ubuntu-server-focal"]
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #1
+    provisioner "shell" {
+        inline = [
+            "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
+            "sudo rm /etc/ssh/ssh_host_*",
+            "sudo truncate -s 0 /etc/machine-id",
+            "sudo apt -y autoremove --purge",
+            "sudo apt -y clean",
+            "sudo apt -y autoclean",
+            "sudo cloud-init clean",
+            "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg",
+            "sudo sync"
+        ]
+    }
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #2
+    provisioner "file" {
+        source = "files/99-pve.cfg"
+        destination = "/tmp/99-pve.cfg"
+    }
+
+    # Provisioning the VM Template for Cloud-Init Integration in Proxmox #3
+    provisioner "shell" {
+        inline = [ "sudo cp /tmp/99-pve.cfg /etc/cloud/cloud.cfg.d/99-pve.cfg" ]
+    }
+
+    # Add additional provisioning scripts here
+    # ...
+}

terraform/cloudflare/credentials.tf

@@ -10,4 +10,4 @@ variable "cloudflare_email" {
 variable "cloudflare_api_key" {
     description = "The API key for your Cloudflare account"
     type = string
-}
+}

terraform/kubernetes/provider.tf

@@ -3,21 +3,22 @@
 # Initial Provider Configuration for Kubectl
 
 terraform {
-  required_version = ">= 0.13.0"
 
-  required_providers {
+    required_version = ">= 0.13.0"
-    kubectl = {
+
-      source = "gavinbunney/kubectl"
+    required_providers {
-      version = "1.13.1"
+        kubectl = {
+          source = "gavinbunney/kubectl"
+          version = "1.13.1"
+        }
     }
-  }
 }
 
 # Dynamic Configuration from CIVO Kubernetes deployment
 # provider "kubectl" {
-#   host = "${yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.server}"
+#     host = "${yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.server}"
-#   client_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-certificate-data)}"
+#     client_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-certificate-data)}"
-#   client_key = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-key-data)}"
+#     client_key = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).users.0.user.client-key-data)}"
-#   cluster_ca_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.certificate-authority-data)}"
+#     cluster_ca_certificate = "${base64decode(yamldecode(civo_kubernetes_cluster.your-kubernetes-cluster.kubeconfig).clusters.0.cluster.certificate-authority-data)}"
-#   load_config_file = false
+#     load_config_file = false
-# }
+# }

terraform/proxmox/credentails.tfvars

@@ -0,0 +1,3 @@
+proxmox_api_url = "https://0.0.0.0:8006/api2/json"  # Your Proxmox IP Address
+proxmox_api_token_id = "terraform@pam!terraform"  # API Token ID
+proxmox_api_token_secret = "your-api-token-secret"

terraform/proxmox/full-clone.tf

@@ -0,0 +1,49 @@
+# Proxmox Full-Clone
+# ---
+# Create a new VM from a clone
+
+resource "proxmox_vm_qemu" "your-vm" {
+    
+    # VM General Settings
+    target_node = "your-proxmox-node"
+    vmid = "100"
+    name = "vm-name"
+    desc = "Description"
+
+    # VM Advanced General Settings
+    onboot = true 
+
+    # VM OS Settings
+    clone = "your-clone"
+
+    # VM System Settings
+    agent = 1
+    
+    # VM CPU Settings
+    cores = 1
+    sockets = 1
+    cpu = "host"    
+    
+    # VM Memory Settings
+    memory = 1024
+
+    # VM Network Settings
+    network {
+        bridge = "vmbr0"
+        model  = "virtio"
+    }
+
+    # VM Cloud-Init Settings
+    os_type = "cloud-init"
+
+    # (Optional) IP Address and Gateway
+    # ipconfig0 = "ip=0.0.0.0/0,gw=0.0.0.0"
+    
+    # (Optional) Default User
+    # ciuser = "your-username"
+    
+    # (Optional) Add your SSH KEY
+    # sshkeys = <<EOF
+    # #YOUR-PUBLIC-SSH-KEY
+    # EOF
+}

terraform/proxmox/provider.tf

@@ -0,0 +1,38 @@
+# Proxmox Provider
+# ---
+# Initial Provider Configuration for Proxmox
+
+terraform {
+
+    required_version = ">= 0.13.0"
+
+    required_providers {
+        proxmox = {
+            source = "telmate/proxmox"
+            version = "2.9.3"
+        }
+    }
+}
+
+variable "proxmox_api_url" {
+    type = string
+}
+
+variable "proxmox_api_token_id" {
+    type = string
+}
+
+variable "proxmox_api_token_secret" {
+    type = string
+}
+
+provider "proxmox" {
+
+    pm_api_url = var.proxmox_api_url
+    pm_api_token_id = var.proxmox_api_token_id
+    pm_api_token_secret = var.proxmox_api_token_secret
+
+    # (Optional) Skip TLS Verification
+    # pm_tls_insecure = true
+
+}